Back office data harvesting raises client confidentiality fears

Consolidation in wealth management is not just confined to merger and acquisitions.

There is also a new data-consolidation trend going on, with many firms on their way to creating a new generation of customer relationship management (CRM) systems that allow clients to upload a great variety of data and documents.

These can relate to different aspects of their wealth, including ones that are not connected with a manager’s services.

This shift to a more centralised digital portal has its advantages. From a firm’s perspective, it can act as an efficient tool to eliminate paperwork hurdles or get rid of the time-consuming postal exchange of documents.

It can also offer an easy access point for clients, enabling them to get instant information about their investments, while also functioning as an online filing cabinet, where diverse information, such as the balances of different savings accounts or even their will, is stored.

But efficiency aside, the amount of information clients will be providing raises several data privacy and cybersecurity concerns. This is likely to intensify when the General Data Protection Regulation (GDPR), a European regulation intending to strengthen and unify data protection laws, is to be enforced in less than a year.

No danger

Jonathan Hammond, managing consultant at Knadel, says he sees no dangers with this CRM genre, so long as firms up their game to accommodate GDPR burdens and are able to justify the reasoning behind why they are recording every piece of data they have.

This is designed to prevent firms taking advantage of this new wealth of information – especially the part not connected to a firm’s services – to try and get their hands on more of their client’s assets.

‘With GDPR, they will not have the right to hold data they do not need and clients would have to give them explicit consent,’ he said. ‘Firms will have to be able to give clients records of what they hold and prove that data can be erased.’

Mattioli Woods and Tcam, two of the firms that have joined the trend, offering such services, are conscious of these issues.

‘The data consolidation part is costing around £750,000,’ said Asif Naidu, Mattioli’s technology and integration director. ‘What we spent on cyber security is well in excess of that.’

Naidu said the multi-platform application will have banking-level security and that accumulating data in just one place will ultimately help increase safety.

‘The portal will become a web application and we will not have to pass information across systems. This data warehouse will be cloud-based, which will increase security,’ he said.

‘We have software that monitors traffic and anything outside of common behaviour, firewalls and cyber security insurance. And to comply with the GDPR regulation of consent, there will be an option for clients to allow the firm to hold all this information.’

More secure than the post

Tcam, which is upgrading its current online portal to allow its clients to upload information themselves, is taking similar steps.

‘It is more secure than sending pieces of paper around the countryside,’ Alex Montgomery, founder and joint chief executive, said. ‘Our experience with clients is that they are more scared about putting documents in the post.’

The wealth manager is working with a specialist developer with significant experience in the field of cybersecurity to put together a secure portal, and is building the system based on GDPR requirements.

But despite all the measures taken, part of the responsibility lies with the clients. Hammond views sophisticated CRMs more as a tool for automating and centralising data, rather than a problem. And he stresses that clients need to be aware of what they are putting into a system and who has access to their data.

It is something firms say they are devoting time to. Naidu explains that before the portal goes live his firm will launch a campaign to educate its clients on data security issues.

Equally, Montgomery says Tcam is helping clients understand this brave new world. ‘Even in the past when we realised, for example, that a client’s email account had been hacked, we took the time to explain to them how to avoid it.’

Fighting the ‘Facebook of finances’

Robert Roome, global head of products at software provider Wealth Dynamix (WDX), which provides services to a roster of wealth business such as Rathbones and Ruffer, believes firms should act now to implement these new CRM capabilities, in one sense just to defend their client bank from others launching these services.

He says among its 20 wealth clients half have expressed interest in implementing such a system, which WDX intends to launch one within the next six to 12 months.

Roome says firms are concerned that in years to come there will be a ‘Facebook of finance’, which could drive clients away from individual portals and into one central provider. So what they should aim for is to own the wealth relationship with their clients and create a relationship of trust that will be hard to break if such a platform comes along.

‘It will take a few years,’ Roome said. ‘But if you ask me, this is where the industry is heading.’

We use cookies to give you the best experience on our website. You can continue to use the website and we'll assume that you are happy to receive cookies. If you would like to, you can find out more about cookies and managing them at any time here. This site is for Professional Investors only, please read our Risk Disclosure Notice for Citywire’s general investment warnings

We use cookies to improve your experience. By your continued use of this site you accept such use. To change your settings please see our policy.